AMG1312-T10D Wireless 2x2 802.11n ADSL2 4-port Gateway with USB Version 1.14 Edition 1, 12/2014 Quick Start Guide User’s Guide Default Login Details LAN IP Address http://192.168.1.1 User Name www.zyxel.
IMPORTANT! READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Screenshots and graphics in this book may differ slightly from your product due to differences in your product firmware or your computer operating system. Every effort has been made to ensure that the information in this manual is accurate. Related Documentation • Quick Start Guide The Quick Start Guide shows how to connect the Device and get up and running right away.
Contents Overview Contents Overview Introduction .............................................................................................................................................13 Introducing the Web Configurator ...........................................................................................................19 Quick Start ...............................................................................................................................................
Contents Overview 4 AMG1312-T10D User’s Guide
Table of Contents Table of Contents Contents Overview ..............................................................................................................................3 Table of Contents .................................................................................................................................5 Chapter 1 Introduction.........................................................................................................................................13 1.1 Overview .....
Table of Contents 5.1.2 What You Need to Know About WAN ......................................................................................32 5.1.3 Before You Begin .....................................................................................................................34 5.2 The Internet Connection Screen .......................................................................................................34 5.2.1 Advanced Internet Connection ...............................................
Table of Contents 7.1 Overview ...........................................................................................................................................75 7.1.1 What You Can Do in this Chapter ............................................................................................75 7.1.2 What You Need To Know .........................................................................................................75 7.2 The LAN Setup Screen ............................................
Table of Contents Chapter 10 Network Address Translation (NAT)................................................................................................ 117 10.1 Overview ...................................................................................................................................... 117 10.1.1 What You Can Do in this Chapter ........................................................................................ 117 10.1.2 What You Need To Know ..................................
Table of Contents 14.4 Rules Screen .................................................................................................................................143 14.4.1 Rules Add Screen ................................................................................................................144 14.4.2 Customized Services ..........................................................................................................146 14.4.3 Customized Service Add/Edit ..............................
Table of Contents 18.2 The User Account Screen .............................................................................................................173 Chapter 19 TR-069 Client.....................................................................................................................................175 19.1 Overview .......................................................................................................................................175 19.2 The TR-069 Client Screen ......
Table of Contents 25.5.1 Configuring SNMP ...............................................................................................................196 25.6 DNS Screen .................................................................................................................................198 25.7 ICMP Screen .................................................................................................................................199 25.8 SSH Screen .......................................
Table of Contents 12 AMG1312-T10D User’s Guide
C HAPT ER 1 Introduction 1.1 Overview The switch is an ADSL2+ router which allows super-fast, secure Internet access over analog (POTS) telephone lines. It supports Asynchronous Transfer Mode (ATM). You can have ADSL, ADSL2, ADSL2+ connections. The Device integrates DSL and NAT for ease of installation and high-speed, shared Internet access. It also provides a complete security solution with a robust firewall and content filtering.
Chapter 1 Introduction • Back up the configuration (and make sure you know how to restore it). Restoring an earlier working configuration may be useful if the device becomes unstable or even crashes. If you forget your password, you will have to reset the Device to its factory default settings. If you backed up an earlier configuration file, you would not have to totally re-configure the Device. You could simply restore your last configuration. 1.
Chapter 1 Introduction Configure your wireless network through the Web Configurator, or the WPS button. Figure 2 Wireless Access Example 1.5.1 Using the WLAN/WPS Button By default, the Device’s wireless network is enabled. To turn it off, simply press the WPS/WLAN button on top of the Device for over 5 seconds. The WLAN/WPS LED turns off. Use the WLAN/WPS button to quickly set up a secure wireless connection between the Device and a WPS-compatible client by adding one device at a time.
Chapter 1 Introduction 1.6 The RESET Button If you forget your password or cannot access the web configurator, use the RESET button at the back of the device to reload the factory-default configuration file. This means that you will lose all configurations that you had previously and the user name and password will be reset to the default. 1.6.1 Using the Reset Button With the POWER LED on steady, press the RESET button for ten seconds or until the POWER LED begins to blink and then release it.
Chapter 1 Introduction None of the LEDs are on if the Device is not receiving power. Table 1 LED Descriptions LED COLOR STATUS DESCRIPTION USB Green On The Device recognizes a USB connection through the USB slot. Blinking The Device is sending or receiving data to or from the connected USB device. DSL Green Off The Device does not detect a USB connection through the USB slot. On The DSL line is up. Blinking The DSL line is initializing. Off WLAN/WPS Green Orange The DSL line is down.
Chapter 1 Introduction 18 AMG1312-T10D User’s Guide
C HAPT ER 2 Introducing the Web Configurator 2.1 Overview The web configurator is an HTML-based management interface that allows easy device setup and management via Internet browser. Use Internet Explorer 6.0 and later versions, Mozilla Firefox 3 and later versions, or Safari 2.0 and later versions. The recommended screen resolution is 1024 by 768 pixels. In order to use the web configurator you need to allow: • Web browser pop-up windows from your device.
Chapter 2 Introducing the Web Configurator Note: For security reasons, the Device automatically logs you out if you do not use the web configurator for five minutes (default). If this happens, log in again. 5 The following screen displays if you have not yet changed your password. It is strongly recommended you change the default password. Enter a new password, retype it to confirm and click Apply; alternatively click Skip to proceed to the main menu if you do not want to change the password now.
Chapter 2 Introducing the Web Configurator Figure 6 Connection Status 7 Click System Info to display the System Info screen, where you can view the Device’s interface and system information. 2.2 The Web Configurator Layout Click Connection Status > System Info to show the following screen.
Chapter 2 Introducing the Web Configurator Figure 7 Web Configurator Layout A B a b C As illustrated above, the main screen is divided into these parts: • A - title bar • B - main window • C - navigation panel 2.2.1 Title Bar The title bar shows the Wizard and Logout icons in the upper right corner. Click the Wizard icon to configure basic initial settings. Click the Logout icon to log out of the web configurator. 2.2.2 Main Window The main window displays information and configuration fields.
Chapter 2 Introducing the Web Configurator Click LAN Device on the System Info screen (a in Figure 7 on page 22) to display the Connection Status screen. See Chapter 4 on page 28 for more information on the System Info and Connection Status screens. Click Virtual Device on the System Info screen (b in Figure 7 on page 22) to display a visual graphic showing the connection status of the Device’s ports. The connected ports are in color and disconnected ports are gray.
Chapter 2 Introducing the Web Configurator 24 AMG1312-T10D User’s Guide
C HAPT ER 3 Quick Start 3.1 Overview Use the Quick Start screens to configure the Device’s time zone, basic Internet access, and wireless settings. Note: See the rest of this guide for background information on the features in this chapter. 3.2 Quick Start Setup 1 The Quick Start Wizard appears automatically after login. Or you can click the Start icon in the top right corner of the web configurator to open the quick start screens. Select the time zone of the Device’s location and click Next.
Chapter 3 Quick Start Figure 10 WAN Interface Selection 3 Turn the wireless LAN on or off. If you keep it on, record the security settings so you can configure your wireless clients to connect to the Device. Click Save. Figure 11 Internet Connection 4 26 Your Device saves your settings and attempts to connect to the Internet.
C HAPT ER 4 Connection Status and System Info 4.1 Overview After you log into the web configurator, the Connection Status screen appears. This shows the network connection status of the Device and clients connected to it. Use the System Info screen to look at the current status of the device, system resources, interfaces (LAN, WAN and WLAN), and SIP accounts. You can also register and unregister SIP accounts.
Chapter 4 Connection Status and System Info In Icon View, if you want to view information about a client, click the client’s name and Info. In List View, you can also view the client’s information. 4.3 The System Info Screen Click Connection Status > System Info to open this screen. Figure 14 System Info Screen Each field is described in the following table.
Chapter 4 Connection Status and System Info Table 2 System Info Screen (continued) LABEL DESCRIPTION MAC Address This is the MAC (Media Access Control) or Ethernet address unique to your Device. Firmware Version This field displays the current version of the firmware inside the device. It also shows the date the firmware version was created. Go to the Maintenance > Firmware Upgrade screen to change it. DSL Version This is the current version of the Device’s DSL modem code.
Chapter 4 Connection Status and System Info Table 2 System Info Screen (continued) LABEL DESCRIPTION Scheduling This shows whether wireless scheduling is enabled or disabled. WiFi MAC This is the MAC (Media Access Control) or Ethernet address unique to your Device’s WiFi interface. Security Firewall This shows whether or not the firewall is enabled (on). System Status DSL UpTime This field displays how long the DSL connection has been active.
C HAPT ER 5 WAN Setup 5.1 Overview This chapter describes how to configure WAN settings from the WAN screens. Use these screens to configure your Device for Internet access. A WAN (Wide Area Network) connection connects to another network or the Internet. It connects your private networks (such as a LAN (Local Area Network) and other networks, so that a computer in one location can communicate with computers in other locations.
Chapter 5 WAN Setup • Use the More Connections screen (Section 5.3 on page 40) to set up additional Internet access connections. • Use the 3G Backup screen to configure 3G WAN connection (Section 5.4 on page 46). 5.1.2 What You Need to Know About WAN Encapsulation Method Encapsulation includes data from an upper layer protocol into a lower layer protocol. To set up a WAN connection to the Internet, you need to use the same encapsulation method used by your ISP (Internet Service Provider).
Chapter 5 WAN Setup network can also use IPv4 services. The Device uses it’s configured IPv4 WAN IP to route IPv4 traffic to the IPv4 Internet. Figure 17 IPv6 Rapid Deployment LAN - IPv6 - IPv4 WAN - IPv4 - IPv6 in IPv4 ISP (IPv4) IPv6 in IPv4 IPv6 + IPv4 BR IPv6 Internet IPv4 IPv4 Internet Dual Stack Lite Use Dual Stack Lite when local network computers use IPv4 and the ISP has an IPv6 network.
Chapter 5 WAN Setup they send data. It allows fast transfer of voice and non-voice data and provides broadband Internet access to mobile devices. Finding Out More See Section 5.5 on page 48 for technical background information on WAN. 5.1.3 Before You Begin You need to know your Internet access settings such as encapsulation and WAN IP address. Get this information from your ISP. 5.2 The Internet Connection Screen Use this screen to change your Device’s WAN settings.
Chapter 5 WAN Setup Figure 19 Network Setting > Broadband > Internet Connection AMG1312-T10D User’s Guide 35
Chapter 5 WAN Setup The following table describes the labels in this screen. Table 3 Network Setting > Broadband >Internet Connection LABEL DESCRIPTION Line ADSL Mode Select the kind of connection your Device uses to connect to the ISP. Use Auto Sync-Up if you are not sure which type to choose. Use ADSLT1.413, ADSLG.DMT, ADSLG.lite, ADSL2, ADSL2+, ADSL2_AnnexM, ADSL2+_AnnexM, or READSL2 if you know the specific type of DSL the Device uses to connect to the ISP.
Chapter 5 WAN Setup Table 3 Network Setting > Broadband >Internet Connection (continued) LABEL DESCRIPTION IP Address Enter the static IP address provided by your ISP. IPv6 Tunnel Mode This is available if you select ENET ENCAP or PPPoE in the Encapsulation field and IPv4 in the IPv6/IPv4 Dual Stack field. Select 6rd to tunnel IPv6 traffic from the local network through the ISP’s IPv4 network. Select 6to4 to enable IPv6 to IPv4 tunneling.
Chapter 5 WAN Setup Table 3 Network Setting > Broadband >Internet Connection (continued) LABEL DESCRIPTION Mode Select Manual if you have the IPv6 address of the Address Family Transition Router (AFTR), otherwise select Auto to have the Device detect it automatically through DHCPv6. Remote IPv6 Address When you set the Mode field to Manual, specify the AFTR IPv6 address. IPv6 Address When you enable Static IP Address, enter the IPv6 address of the Device in the WAN.
Chapter 5 WAN Setup Figure 20 Internet Connection: Advanced Setup The following table describes the labels in this screen. Table 4 Internet Connection: Advanced Setup LABEL DESCRIPTION RIP & Multicast Setup This section does not apply when you configure the Device to bridge mode. RIP Direction RIP (Routing Information Protocol) allows a router to exchange routing information with other routers. Use this field to control how much routing information the Device sends and receives on the subnet.
Chapter 5 WAN Setup Table 4 Internet Connection: Advanced Setup (continued) LABEL DESCRIPTION Peak Cell Rate Divide the DSL line rate (bps) by 424 (the size of an ATM cell) to find the Peak Cell Rate (PCR). This is the maximum rate at which the sender can send cells. Type the PCR here. Sustain Cell Rate The Sustain Cell Rate (SCR) sets the average cell rate (long-term) that can be transmitted. Type the SCR, which must be less than the PCR. Note that system default is 0 cells/sec.
Chapter 5 WAN Setup The following table describes the labels in this screen. Table 5 Network Setting > Broadband > More Connections LABEL DESCRIPTION # This is an index number indicating the number of the corresponding connection. Active This field indicates whether the connection is active or not. This field is read-only. Node Name This is the name of the Internet connection.
Chapter 5 WAN Setup Figure 22 More Connections: Edit The following table describes the labels in this screen. Table 6 More Connections: Edit LABEL DESCRIPTION General Active Select the check box to activate or clear the check box to deactivate this connection. Node Name Enter a unique, descriptive name of up to 13 ASCII characters for this connection. Mode Select Router from the drop-down list box if your ISP allows multiple computers to share an Internet account.
Chapter 5 WAN Setup Table 6 More Connections: Edit (continued) LABEL Service Name Multiplex DESCRIPTION (PPPoE only) Type the name of your PPPoE service here. Select the method of multiplexing used by your ISP from the drop-down list. Choices are VC-Mux or LLC. By prior agreement, a protocol is assigned a specific virtual circuit, for example, VC1 will carry IP. If you select VC-mux, specify separate VPI and VCI numbers for each protocol.
Chapter 5 WAN Setup Table 6 More Connections: Edit (continued) LABEL DESCRIPTION DHCP IPv6 Select DHCP if you want to obtain an IPv6 address from a DHCPv6 server. The IP address assigned by a DHCPv6 server has priority over the IP address automatically generated by the Device using the IPv6 prefix from an RA. Select SLAAC (Stateless address autoconfiguration) to have the Device use the prefix to automatically generate a unique IP address that does not need to be maintained by a DHCP server.
Chapter 5 WAN Setup Figure 23 More Connections: Edit: Advanced Setup The following table describes the labels in this screen. Table 7 More Connections: Edit: Advanced Setup LABEL DESCRIPTION RIP & Multicast Setup RIP Direction Select the RIP Direction from None, Both, In Only and Out Only. RIP Version You do not configure this field if you set the RIP Direction field to None. Select the RIP Version from RIP-1, RIP-2B/RIP-2M.
Chapter 5 WAN Setup Table 7 More Connections: Edit: Advanced Setup (continued) LABEL DESCRIPTION PPPoE Passthrough When using the PPPoE the encapsulation type, select this to enable PPPoE passthrough. In addition to the Device’s built-in PPPoE client, this allows hosts on the LAN to use PPPoE client software on their computers to connect to the ISP through the Device. Each host can have a separate account and a public WAN IP address.
Chapter 5 WAN Setup Figure 24 Network Setting > Broadband > 3G Backup The following table describes the labels in this screen. Table 8 Network Setting > Broadband > 3G Backup LABEL DESCRIPTION 3G Backup Select Enable 3G Backup to have the Device use the 3G connection as your WAN or a backup when the wired WAN connection fails. Card Description This field displays the manufacturer and model name of your 3G card if you inserted one in the Device. Otherwise, it displays N/A.
Chapter 5 WAN Setup Table 8 Network Setting > Broadband > 3G Backup (continued) LABEL DESCRIPTION APN Code Enter the APN (Access Point Name) provided by your service provider. Connections with different APNs may provide different services (such as Internet access or MMS (MultiMedia Messaging Service)) and charge method. You can enter up to 31 ASCII printable characters. Spaces are allowed. Obtain an IP Address Automatically Select this option If your ISP did not assign you a fixed IP address.
Chapter 5 WAN Setup 5.5.1.2 PPP over Ethernet The Device supports PPPoE (Point-to-Point Protocol over Ethernet). PPPoE specifies how a personal computer (PC) interacts with a broadband modem (DSL, cable, wireless, etc.) connection. The PPPoE option provides a dial-up connection using PPPoE. For the service provider, PPPoE offers an access and authentication method that works with existing access control systems (for example RADIUS).
Chapter 5 WAN Setup 5.5.3 VPI and VCI Be sure to use the correct Virtual Path Identifier (VPI) and Virtual Channel Identifier (VCI) numbers assigned to you. The valid range for the VPI is 0 to 255 and for the VCI is 32 to 65535 (0 to 31 is reserved for local management of ATM traffic). Please see the appendix for more information. 5.5.4 IP Address Assignment A static IP is a fixed IP that your ISP gives you. A dynamic IP is not fixed; the ISP assigns you a different one each time.
C HAPT ER 6 Wireless 6.1 Overview This chapter describes the Device’s Network Setting > Wireless screens. Use these screens to set up your Device’s wireless connection. 6.1.1 What You Can Do in this Chapter • Use the General screen to enable the wireless LAN, enter the SSID and select the wireless security mode (Section 6.2 on page 53). • Use the More AP screen to set up multiple wireless networks on your Device (Section 6.3 on page 59).
Chapter 6 Wireless • An “ad-hoc” type of network is one in which there is no access point. Wireless clients connect to one another in order to exchange information. The following figure provides an example of a wireless network. Figure 25 Example of a Wireless Network The wireless network is the part in the blue circle. In this wireless network, devices A and B use the access point (AP) to interact with the other devices (such as the printer) or with the Internet. Your Device is the AP.
Chapter 6 Wireless Since the available unlicensed spectrum varies from one country to another, the number of available channels also varies. 6.1.3 Before You Begin Before you start using these screens, ask yourself the following questions. See Section 6.10 on page 69 if some of the terms used here do not make sense to you. • What wireless standards do the other wireless devices support (IEEE 802.
Chapter 6 Wireless Figure 26 Network Setting > Wireless > General The following table describes the labels in this screen. Table 9 Network > Wireless LAN > General LABEL DESCRIPTION Wireless Network Setup Wireless Select the Enable Wireless LAN check box to activate the wireless LAN. Note: You must also set the Device’s physical WLAN ON/OFF button to ON to use wireless LAN. The WLAN LED should be on.
Chapter 6 Wireless Table 9 Network > Wireless LAN > General (continued) LABEL DESCRIPTION Channel Selection Set the channel depending on your particular region. Select a channel or use Auto to have the Device automatically determine a channel to use. If you are having problems with wireless interference, changing the channel may help. Try to use a channel that is as many channels away from any channels used by neighboring APs as possible.
Chapter 6 Wireless There are two types of WEP authentication namely, Open System (Static WEP) and Shared Key (Shared WEP). Open system is implemented for ease-of-use and when security is not an issue. The wireless station and the AP or peer computer do not share a secret key. Thus the wireless stations can associate with any AP or peer computer and listen to any transmitted data that is not encrypted.
Chapter 6 Wireless password in order to validate the connection. This type of encryption, while robust, is not as strong as WPA2. Click Network Settings > Wireless to display the General screen. Select More Secure as the security level. Then select WPA2-PSK from the Security Mode list. Figure 29 Wireless > General: More Secure: WPA2-PSK The following table describes the labels in this screen.
Chapter 6 Wireless Click Network Settings > Wireless to display the General screen. Select More Secure as the security level. Then select WPA2 from the Security Mode list. Figure 30 Wireless > General: More Secure: WPA2 The following table describes the labels in this screen. Table 13 Wireless > General: More Secure: WPA2 LABEL DESCRIPTION Security Level Select More Secure to enable WPA2 data encryption. Security Mode Choose WPA2 from the drop-down list box.
Chapter 6 Wireless Table 13 Wireless > General: More Secure: WPA2 (continued) LABEL DESCRIPTION Group Key Update Timer The Group Key Update Timer is the rate at which the RADIUS server sends a new group key out to all clients. If the value is set to “0”, the update timer function is disabled. Encryption If the security mode is WPA2 and WPA-PSK Compatible is disabled, the encryption mode is set to AES to enable Advanced Encryption System (AES) security on your wireless network.
Chapter 6 Wireless 6.3.1 Edit More AP Use this screen to edit an SSID profile. Click the Edit icon next to an SSID in the More AP screen. The following screen displays. Figure 32 Wireless > More AP: Edit The following table describes the fields in this screen. Table 15 Wireless > More AP: Edit LABEL DESCRIPTION Wireless Network Setup Wireless Select the Enable Wireless LAN check box to activate the wireless LAN.
Chapter 6 Wireless Table 15 Wireless > More AP: Edit (continued) LABEL DESCRIPTION Security Mode Select Basic (WEP) or More Secure (WPA2-PSK, WPA2) to add security on this wireless network. Wireless clients must use the same wireless security settings as the Device to connect to the wireless LAN. After you select to use security, additional options appears in this screen. Or you can select No Security to allow any client to connect to this network without any data encryption or authentication.
Chapter 6 Wireless Table 16 Wireless > MAC Authentication (continued) LABEL DESCRIPTION Add new MAC address Click this if you want to add a new MAC address entry to the MAC filter list below. Enter the MAC addresses of the wireless devices that are allowed or denied access to the Device in these address fields. Enter the MAC addresses in a valid MAC address format, that is, six hexadecimal character pairs, for example, 12:34:56:78:9a:bc.
Chapter 6 Wireless Figure 35 Network Setting > Wireless > WPS The following table describes the labels in this screen. Table 17 Network Setting > Wireless > WPS LABEL DESCRIPTION Enable WPS Select Enable and click Apply to activate WPS on the Device. Add a new device with WPS Method - These fields display after you enable WPS and click Apply. Method 1 PBC WPS Use this section to set up a WPS wireless network using Push Button Configuration (PBC).
Chapter 6 Wireless Table 17 Network Setting > Wireless > WPS (continued) LABEL AP PIN DESCRIPTION The PIN of the Device is shown here. Enter this PIN in the configuration utility of the device you want to connect to using WPS. The PIN is not necessary when you use WPS push-button method. Click the Generate New PIN button to have the Device create a new PIN.
Chapter 6 Wireless Figure 36 Network Setting > Wireless > WDS The following table describes the labels in this screen. Table 18 Network Setting > Wireless > WDS LABEL DESCRIPTION WDS Security Select the type of the key used to encrypt data between APs. All the wireless APs (including the Device) must use the same pre-shared key for data transmission. The option is available only when you set the security mode to WPA2 or WPA2-PSK in the Wireless > General screen.
Chapter 6 Wireless Figure 37 Network Setting > Wireless > WMM The following table describes the labels in this screen. Table 19 Network Setting > Wireless > WMM LABEL DESCRIPTION Enable WMM of SSID1~4 This enables the Device to automatically give a service a priority level according to the ToS value in the IP header of packets it sends. WMM QoS (Wifi MultiMedia Quality of Service) gives high priority to voice and video, which makes them run more smoothly. Apply Click Apply to save your changes.
Chapter 6 Wireless Table 20 Network Setting > Wireless > Scheduling (continued) LABEL DESCRIPTION Start Time This field displays the time (in 24-hour time format) the rule turns off the wireless LAN. End Time This field displays the time (in 24-hour time format) the rule turns the wireless LAN back on. Security This field indicates the security mode of the SSID profile. Modify Click the Edit icon to configure the scheduling rule. Click the Delete icon to remove the scheduling rule.
Chapter 6 Wireless See Section 6.10.1 on page 69 for detailed definitions of the terms listed in this screen. Figure 40 Network Setting > Wireless> Advanced The following table describes the labels in this screen. Table 22 Network Setting > Wireless> Advanced LABEL DESCRIPTION Fragmentation Threshold This is the maximum data fragment size that can be sent. Enter a value between 256 and 2346. Output Power Set the output power of the Device.
Chapter 6 Wireless 6.10 Technical Reference This section discusses wireless LANs in depth. 6.10.1 Additional Wireless Terms The following table describes some wireless network terms and acronyms used in the Device’s web configurator. Table 23 Additional Wireless Terms TERM DESCRIPTION RTS/CTS Threshold In a wireless network which covers a large area, wireless devices are sometimes not aware of each other’s presence.
Chapter 6 Wireless Because of the damage that can be done by a malicious attacker, it’s not just people who have sensitive information on their network who should use security. Everybody who uses any wireless network should ensure that effective security is in place. A good way to come up with effective security keys, passwords and so on is to use obscure information that you personally will easily remember, and to enter it in a way that appears random and does not include real words.
Chapter 6 Wireless The types of encryption you can choose depend on the type of authentication. (See Section 6.10.2.2 on page 70 for information about this.) Table 24 Types of Encryption for Each Type of Authentication Weakest NO AUTHENTICATION RADIUS SERVER No Security WPA Static WEP WPA-PSK Strongest WPA2-PSK WPA2 For example, if the wireless network has a RADIUS server, you choose WPA2. If users do not log in to the wireless network, you can choose no encryption, Static WEP or WPA2-PSK.
Chapter 6 Wireless When Intra-BSS traffic blocking is enabled, wireless station A and B can still access the wired network but cannot communicate with each other. Figure 41 Basic Service set 6.10.5 MBSSID Traditionally, you need to use different APs to configure different Basic Service Sets (BSSs). As well as the cost of buying extra APs, there is also the possibility of channel interference.
Chapter 6 Wireless At the time of writing, WDS security is not compatible with all access points. Refer to your other access point’s documentation for details. The following figure illustrates how WDS link works between APs. Notebook computer A is a wireless client connecting to access point AP 1. AP 1 has no wired Internet connection, but it can establish a WDS link with access point AP 2, which has a wired Internet connection.
Chapter 6 Wireless 74 AMG1312-T10D User’s Guide
C HAPT ER 7 Home Networking 7.1 Overview A Local Area Network (LAN) is a shared communication system to which many computers are attached. A LAN is usually located in one immediate area such as a building or floor of a building. The LAN screens can help you configure a LAN DHCP server and manage IP addresses. LAN WAN 7.1.1 What You Can Do in this Chapter • Use the LAN Setup screen to set the LAN IP address, subnet mask, and DHCP settings (Section 7.2 on page 78).
Chapter 7 Home Networking 7.1.2.1 About LAN IP Address Similar to the way houses on a street share a common street name, so too do computers on a LAN share one common network number. This is known as an Internet Protocol address. Subnet Mask The subnet mask specifies the network number portion of an IP address. Your Device will compute the subnet mask automatically based on the IP address that you entered.
Chapter 7 Home Networking See Section 7.10 on page 92 for examples of installing and using UPnP. 7.1.2.3 About File Sharing Workgroup name This is the name given to a set of computers that are connected on a network and share resources such as a printer or files. Windows automatically assigns the workgroup name when you set up a network. Shares When settings are set to default, each USB device connected to the Device is given a folder, called a “share”.
Chapter 7 Home Networking Port A port maps a network service such as http to a process running on your computer, such as a process run by your web browser. When traffic from the Internet is received on your computer, the port number is used to identify which process running on your computer it is intended for. Supported OSs Your operating system must support TCP/IP ports for printing and be compatible with the RAW (port 9100) protocol. The following OSs support Device’s printer sharing feature.
Chapter 7 Home Networking The following table describes the fields in this screen. Table 25 Network Setting > Home Networking > LAN Setup LABEL DESCRIPTION LAN IP Setup IP Address Enter the LAN IP address you want to assign to your Device in dotted decimal notation, for example, 192.168.1.1 (factory default). IP Subnet Mask Type the subnet mask of your network in dotted decimal notation, for example 255.255.255.0 (factory default).
Chapter 7 Home Networking 7.3 The Static DHCP Screen This table allows you to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses. Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. 7.3.1 Before You Begin Find out the MAC addresses of your network devices if you intend to add them to the Static DHCP screen.
Chapter 7 Home Networking Figure 45 Static DHCP: Add The following table describes the labels in this screen. Table 27 Static DHCP: Add LABEL DESCRIPTION MAC Address Enter the MAC address of a computer on your LAN. IP Address Enter the IP address that you want to assign to the computer on your LAN with the MAC address that you will also specify. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 7.
Chapter 7 Home Networking Table 28 Network Setting > Home Networking > IP Alias LABEL DESCRIPTION Subnet Mask Your Device will automatically calculate the subnet mask based on the IP address that you assign. Unless you are implementing subnetting, use the subnet mask computed by the Device. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. 7.
Chapter 7 Home Networking Figure 48 Network Setting > Home Networking > IPv6 LAN Setup AMG1312-T10D User’s Guide 83
Chapter 7 Home Networking The following table describes the labels in this screen. Table 30 Network Setting > Home Networking > IPv6 LAN Setup LABEL DESCRIPTION IPv6 LAN Setup Link Local Address Type Select Manual to manually enter a link local address. Select EUI64 to use the EUI-64 format to generate a link local address from the Ethernet MAC address.
Chapter 7 Home Networking Table 30 Network Setting > Home Networking > IPv6 LAN Setup (continued) LABEL DESCRIPTION LAN IPv6 Address Assign Setup Select how you want to obtain an IPv6 address: • • • LAN IPv6 DNS Assign Setup Stateless: The Device uses IPv6 stateless autoconfiguration. RADVD (Router Advertisement Daemon) is enabled to have the Device send IPv6 prefix information in router advertisements periodically and in response to router solicitations. DHCPv6 server is disabled.
Chapter 7 Home Networking Table 30 Network Setting > Home Networking > IPv6 LAN Setup (continued) LABEL DESCRIPTION Send RA on Select this to have the Device send router advertisement messages to the LAN hosts. Router advertisement is a response to a router solicitation or a periodical multicast advertisement from a router to advertise its presence and other parameters, such as IPv6 prefix and DNS information.
Chapter 7 Home Networking Table 30 Network Setting > Home Networking > IPv6 LAN Setup (continued) LABEL DESCRIPTION Cancel Click this to restore your previously saved settings. Advanced Setup Click this to close the IPv6 LAN Setup Advanced Setup section. 7.7 The File Sharing Screen You can share files on a USB memory stick or hard drive connected to your Device with users on your network. The following figure is an overview of the Device’s file server feature.
Chapter 7 Home Networking Use this screen to set up file sharing using the Device. To access this screen, click Network Setting > Home Networking > File Sharing. Figure 50 Network Setting > Home Networking > File Sharing Each field is described in the following table. Table 31 Network Setting > Home Networking > File Sharing LABEL DESCRIPTION Server Configuration File Sharing Services (SMB) Select Enable to activate file sharing through the Device.
Chapter 7 Home Networking 7.7.2 Edit File Sharing User Use this screen to edit a file sharing user on the Device. Click the Edit icon next to a user account. Figure 51 File Sharing: Add/Edit Each field is described in the following table. Table 32 File Sharing: Add/Edit LABEL DESCRIPTION Active Select this to activate the file sharing user account. User Name Type the user name for the account. New Password Type your new system password (up to 30 characters).
Chapter 7 Home Networking Figure 52 Sharing a USB Printer 7.8.1 Before You Begin To configure the print server you need the following: • Your Device must be connected to your computer and any other devices on your network. The USB printer must be connected to your Device. • A USB printer with the driver already installed on your computer. • The computers on your network must have the printer software already installed before they can create a TCP/IP port for printing via the network.
Chapter 7 Home Networking 7.9 Technical Reference This section provides some technical background information about the topics covered in this chapter. LANs, WANs and the Device The actual physical connection determines whether the Device ports are LAN or WAN ports. There are two separate IP networks, one inside the LAN network and the other outside the WAN network as shown next.
Chapter 7 Home Networking Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established.
Chapter 7 Home Networking 1 Click Start and Control Panel. Double-click Add/Remove Programs. 2 Click the Windows Setup tab and select Communication in the Components selection box. Click Details. Figure 55 Add/Remove Programs: Windows Setup: Communication 3 In the Communications window, select the Universal Plug and Play check box in the Components selection box.
Chapter 7 Home Networking 4 Click OK to go back to the Add/Remove Programs Properties window and click Next. 5 Restart the computer when prompted. Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. 1 Click Start and Control Panel. 2 Double-click Network Connections. 3 In the Network Connections window, click Advanced in the main menu and select Optional Networking Components ….
Chapter 7 Home Networking 5 In the Networking Services window, select the Universal Plug and Play check box. Figure 59 Networking Services 6 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. 7.11 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the Device. Make sure the computer is connected to a LAN port of the Device.
Chapter 7 Home Networking Figure 60 Network Connections 3 In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created. Figure 61 Internet Connection Properties 4 96 You may edit or delete the port mappings or click Add to manually add port mappings.
Chapter 7 Home Networking Figure 62 Internet Connection Properties: Advanced Settings Figure 63 Internet Connection Properties: Advanced Settings: Add 5 When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. 6 Select Show icon in notification area when connected option and click OK. An icon displays in the system tray. Figure 64 System Tray Icon 7 Double-click on the icon to display your current Internet connection status.
Chapter 7 Home Networking Figure 65 Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the Device without finding out the IP address of the Device first. This comes helpful if you do not know the IP address of the Device. Follow the steps below to access the web configurator. 1 Click Start and then Control Panel. 2 Double-click Network Connections. 3 Select My Network Places under Other Places.
Chapter 7 Home Networking 4 An icon with the description for each UPnP-enabled device displays under Local Network. 5 Right-click on the icon for your Device and select Invoke. The web configurator login screen displays. Figure 67 Network Connections: My Network Places 6 Right-click on the icon for your Device and select Properties. A properties window displays with basic information about the Device.
Chapter 7 Home Networking 100 AMG1312-T10D User’s Guide
C HAPT ER 8 Static Route 8.1 Overview The Device usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the Device send data to devices not reachable through the default gateway, use static routes. For example, the next figure shows a computer (A) connected to the Device’s LAN interface. The Device routes most traffic from A to the Internet through the Device’s default gateway (R1).
Chapter 8 Static Route 8.2 Configuring Static Route Use this screen to view and configure IP static routes on the Device. Click Network Setting > Static Route to open the following screen. Figure 70 Network Setting > Static Route The following table describes the labels in this screen. Table 34 Network Setting > Static Route LABEL DESCRIPTION Add New Static Route Click this to set up a new static route on the Device. # This is the number of an individual static route.
Chapter 8 Static Route The following table describes the labels in this screen. Table 35 Routing: Add/Edit LABEL DESCRIPTION Destination IP Address This parameter specifies the IP network address of the final destination. Routing is always based on network number. If you need to specify a route to a single host, use a subnet mask of 255.255.255.255 in the subnet mask field to force the network number to be identical to the host ID. IP Subnet Mask Enter the IP subnet mask here.
Chapter 8 Static Route Table 36 Network Setting > Static Route > IPv6 Static Route (continued) LABEL DESCRIPTION Device This specifies the LAN or WAN PVC. Modify Click the Edit icon to go to the screen where you can set up a static route on the Device. Click the Remove icon to remove a static route from the Device. A window displays asking you to confirm that you want to delete the route. 8.3.1 IPv6 Static Route Edit Use this screen to configure the required information for an IPv6 static route.
C HAPT ER 9 Quality of Service (QoS) 9.1 Overview This chapter discusses the Device’s QoS screens. Use these screens to set up your Device to use QoS for traffic management. Quality of Service (QoS) refers to both a network’s ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth. QoS allows the Device to group and prioritize application traffic and fine-tune network performance.
Chapter 9 Quality of Service (QoS) CoS technologies includes DiffServ (Differentiated Services or DS). DiffServ is a new protocol and defines a new DS field, which replaces the eight-bit ToS (Type of Service) field in the IP header. Tagging and Marking In a QoS class, you can configure whether to add or change the DSCP (DiffServ Code Point) value ain a matched packet.
Chapter 9 Quality of Service (QoS) 9.3 The Queue Setup Screen Use this screen to configure QoS queue assignment. Click Network Setting > QoS > Queue Setup to open the screen as shown next. Figure 75 Network Setting > QoS > Queue Setup The following table describes the labels in this screen. Table 39 Network Setting > QoS > Queue Setup LABEL DESCRIPTION Index This is the index number of this entry. Status This indicates whether the queue is active or not.
Chapter 9 Quality of Service (QoS) Figure 76 Queue Setup: Edit The following table describes the labels in this screen. Table 40 Queue Setup: Edit LABEL DESCRIPTION Active Select to enable or disable this queue. Name Enter the descriptive name of this queue. Interface Select the interface of this queue. Priority Select the priority level (from 1 to 7) of this queue. The lower the number, the higher the priority level.
Chapter 9 Quality of Service (QoS) Figure 77 Network Setting > QoS > Class Setup The following table describes the labels in this screen. Table 41 Network Setting > QoS > Class Setup LABEL DESCRIPTION Add new Classifier Click this to create a new classifier. Index This field displays the order number of the classifier. Status This indicates whether the classifier is active or not. A yellow bulb signifies that this classifier is active. A gray bulb signifies that this classifier is not active.
Chapter 9 Quality of Service (QoS) Figure 78 Class Setup: Add/Edit The following table describes the labels in this screen. Table 42 Class Setup: Add/Edit LABEL DESCRIPTION Rule Index Select the (order) number of this rule. Class Configuration 110 Active Select to enable this classifier. Ether Type Select the Ether type (IPv4, IPv6, ARP, or IEEE 802.1Q) to which this rule applies. Interface Select whether to apply this class to traffic from the LAN or from the WAN.
Chapter 9 Quality of Service (QoS) Table 42 Class Setup: Add/Edit (continued) LABEL DESCRIPTION To Queue Select a queue to apply to this class (available when you set Interface to From WAN). You should have configured a queue in the Queue Setup screen already. Criteria Configuration Use the following fields to configure the criteria for traffic classification. Basic From Interface Select the interface from which the traffic class comes.
Chapter 9 Quality of Service (QoS) Table 42 Class Setup: Add/Edit (continued) LABEL DESCRIPTION TCP ACK If you select this option, the matched TCP packets must contain the ACK (Acknowledge) flag. DHCP Select this option and select a DHCP option. If you select Vendor Class ID (DHCP Option 60), enter the Class ID of the matched traffic, such as the type of the hardware or firmware. If you select ClientID (DHCP Option 61), enter the Type of the matched traffic and Client ID of the DHCP client.
Chapter 9 Quality of Service (QoS) Table 42 Class Setup: Add/Edit (continued) LABEL DESCRIPTION DSCP Mark(0~63) This field is available only when you select IPv4 (0x0800) in the Ether Type field. 802.1Q Tag If you select Remark, select a priority level (in the Ethernet Priority field) and enter a VLAN ID number (in the VLAN ID field) with which the Device replaces the IEEE 802.1p priority field and VLAN ID of the frames.
Chapter 9 Quality of Service (QoS) Table 43 Network Setting > QoS > Policer Setup (continued) LABEL DESCRIPTION Rule These are the rates and burst sizes against which the policer checks the traffic of the member QoS classes. Action This shows the how the policer has the Device treat different types of traffic belonging to the policer’s member QoS classes. Modify Click the Edit icon to edit the policer. Click the Delete icon to delete an existing policer.
Chapter 9 Quality of Service (QoS) Table 44 Policer Setup: Add/Edit (continued) LABEL DESCRIPTION Committed Rate Specify the committed rate. When the incoming traffic rate of the member QoS classes is less than the committed rate, the device applies the conforming action to the traffic. Committed Burst Size Specify the committed burst size for packet bursts.
Chapter 9 Quality of Service (QoS) 9.7 QoS Technical Reference This section provides some technical background information about the topics covered in this chapter. 9.7.1 DiffServ QoS is used to prioritize source-to-destination traffic flows. All packets in the flow are given the same priority. You can use CoS (class of service) to give different priorities to different packet types.
C HAPTER 10 Network Address Translation (NAT) 10.1 Overview NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network. 10.1.1 What You Can Do in this Chapter • Use the General screen to limit the number of concurrent NAT sessions each client can use (Section 10.2 on page 118).
Chapter 10 Network Address Translation (NAT) Port Forwarding A port forwarding set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make visible to the outside world even though NAT makes your whole inside network appear as a single computer to the outside world. Finding Out More See Section 10.6 on page 122 for advanced technical information on NAT. 10.2 The General Screen Use the General screen to limit the number of concurrent NAT sessions each client can use.
Chapter 10 Network Address Translation (NAT) specify a range of port numbers. You can allocate a server IP address that corresponds to a port or a range of ports. Please refer to RFC 1700 for further information about port numbers. Note: Many residential broadband ISP accounts do not allow you to run any server processes (such as a Web or FTP server) from your location. Your ISP may periodically check for servers and may suspend your account if it discovers any active services at your location.
Chapter 10 Network Address Translation (NAT) Table 47 Network Setting > NAT > Port Forwarding (continued) LABEL DESCRIPTION Active This field indicates whether the rule is active or not. A yellow bulb signifies that this rule is active. A gray bulb signifies that this rule is not active. Service Name This is the service’s name. This shows User Defined if you manually added a service. You can change this by clicking the edit icon.
Chapter 10 Network Address Translation (NAT) Table 48 Port Forwarding: Add/Edit (continued) LABEL DESCRIPTION External Start Port Configure this for a user-defined entry. Enter the original destination port for the packets. To forward only one port, enter the port number again in the External End Port field. To forward a series of ports, enter the start port number here and the end port number in the External End Port field. External End Port Configure this for a user-defined entry.
Chapter 10 Network Address Translation (NAT) The following table describes the fields in this screen. Table 49 Network Setting > NAT > DMZ LABEL DESCRIPTION WAN Interface Select the WAN interface for which to configure a default server. Default Server Address Enter the IP address of the default server which receives packets from ports that are not specified in the Port Forwarding screen.
Chapter 10 Network Address Translation (NAT) 10.6.1 NAT Definitions Inside/outside denotes where a host is located relative to the Device, for example, the computers of your subscribers are the inside hosts, while the web servers on the Internet are the outside hosts.
Chapter 10 Network Address Translation (NAT) Device keeps track of the original addresses and port numbers so incoming reply packets can have their original values restored. The following figure illustrates this. Figure 88 How NAT Works NAT Table LAN Inside Local IP Address 192.168.1.10 192.168.1.11 192.168.1.12 192.168.1.13 192.168.1.13 192.168.1.12 SA SA 192.168.1.10 IGA1 Inside Local Address (ILA) 192.168.1.
C HAPTER 11 Port Binding 11.1 Overview Port binding aggregates port connections into logical groups. Bind WAN virtual channels (VCs) to Ethernet ports and WLANs to specify how traffic is forwarded. The Device forwards traffic from an Ethernet port only through the bound WAN virtual channel and vice versa. For ports not belonging to a port binding group, the Device forwards traffic according to the routing table.
Chapter 11 Port Binding 11.2 The Port Binding Screen Use this screen to enable or disable port binding or any port any service. Click Network Setting > Port Binding. If you want to enable the port binding feature and configure port binding groups, select Enable Port Binding. Figure 90 Network Setting > Port Binding: Enable Port Binding The following table describes the labels in this screen.
Chapter 11 Port Binding In the Port Binding screen, click the Port Binding Summary button in the Group Summary section to display the following screen. Figure 91 Network Setting > Port Binding: Port Binding Summary The following table describes the labels in this screen. Table 53 Network Setting > Port Binding: Port Binding Summary LABEL DESCRIPTION Group ID This field displays the group index number. Group Port This field displays the ports and virtual channels included in the group.
Chapter 11 Port Binding The following table describes the labels in this screen. Table 54 Network Setting > Port Binding: Any Port Any Service LABEL DESCRIPTION Index This is the index number for the port binding group. Option60 This is the Vendor Class Identifier of the matched traffic. Option61 This is the device identity of the matched traffic. Option77 This is the User Class Identifier of the matched traffic Option125 This is the vendor specific information of the matched traffic.
Chapter 11 Port Binding The following table describes the labels in this screen. Table 55 Any Port Any Service: Add/Edit LABEL DESCRIPTION Interface Select the WAN interface of the port binding group. Source MAC If you want to configure the port binding group by the source MAC address of the packet, select this check box and enter the MAC address and MAC mask. MAC address Enter the source MAC address of the packet.
Chapter 11 Port Binding It is suggested to reboot the Device after you have changed the port binding settings or WAN encapsulation.
C HAPTER 12 Dynamic DNS 12.1 Overview This chapter discusses how to configure your Device to use Dynamic DNS. Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in applications such as NetMeeting and CU-SeeMe). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.
Chapter 12 Dynamic DNS Figure 95 Network Setting > Dynamic DNS The following table describes the fields in this screen. Table 56 Network Setting > Dynamic DNS LABEL DESCRIPTION Dynamic DNS Configuration Dynamic DNS Select Enable to use dynamic DNS. Service Provider Select the name of your Dynamic DNS service provider. Host Name Type the domain name assigned to your Device by your Dynamic DNS provider. Username Type your user name for the Dynamic DNS service provider.
C HAPTER 13 Filter 13.1 Overview This chapter introduces filter rules you can configure to restrict traffic by IPv4 and IPv6 addresses and MAC addresses. 13.1.1 What You Can Do in the Filter Screens • Use the IP/MAC Filter screen (Section 13.2 on page 133) to create IPv4/MAC filter rules. • Use the IPv6/MAC Filter screen (Section 13.3 on page 135) to create IPv6/MAC filter rules. 13.2 The IP/MAC Filter Screen Use this screen to create and apply IPv4/MAC filters.
Chapter 13 Filter The following table describes the labels in this screen. Table 57 Security > Filter LABEL DESCRIPTION Rule Type Rule Type selection Select White List to create a filter rule that allows traffic. Select Black List to create a filter rule that blocks traffic. IP/MAC Filter Rule Editing IP/MAC Filter Rule Index Select the index number of the filter rule. Active Use this field to enable or disable the rule. Interface Select the interface to which to apply the filter.
Chapter 13 Filter 13.3 The IPv6/MAC Filter Screen Use this screen to create and apply IPv6/MAC filters. Click Security > Filter > IPv6/MAC Filter to display the screen as shown. Figure 97 Security > Filter > IPv6/MAC Filter The following table describes the labels in this screen. Table 58 Security > Filter > IPv6/MAC Filter LABEL DESCRIPTION Rule Type Rule Type selection Select White List to create a filter rule that allows traffic. Select Black List to create a filter rule that blocks traffic.
Chapter 13 Filter Table 58 Security > Filter > IPv6/MAC Filter (continued) LABEL DESCRIPTION Destination IPv6 Address Enter the destination IPv6 address of the packets you wish to filter. This field is ignored if it is ::. Destination Prefix Length Enter the prefix length for the destination IPv6 address. ICMPv6 Type Select one of the following ICMPv6 message types to filter.
Chapter 13 Filter Table 58 Security > Filter > IPv6/MAC Filter (continued) LABEL DESCRIPTION Delete Click this to remove the filter rule selected in the IPv6 / MAC Filter Rule Index field. Cancel Click this to restore your previously saved settings.
Chapter 13 Filter 138 AMG1312-T10D User’s Guide
C HAPTER 14 Firewall 14.1 Overview This chapter shows you how to enable the Device firewall. Use the firewall to protect your Device and network from attacks by hackers on the Internet and control access to it. The firewall: • allows traffic that originates from your LAN computers to go to all other networks. • blocks traffic that originates on other networks from going to the LAN. • blocks SYN and port scanner attacks.
Chapter 14 Firewall • Use the Dos screen (Section 14.5 on page 148) to set the thresholds that the Device uses to determine when to start dropping sessions that do not become fully established (half-open sessions). 14.1.2 What You Need to Know About Firewall SYN Attack A SYN attack floods a targeted system with a series of SYN packets. Each packet causes the targeted system to issue a SYN-ACK response.
Chapter 14 Firewall can be carried out through ICMPv6. Since ICMPv6 error messages are critical for establishing and maintaining communications, filtering policy focuses on ICMPv6 informational messages. Anti-Probing If an outside user attempts to probe an unsupported port on your Device, an ICMP response packet is automatically returned. This allows the outside user to know the Device exists. The Device supports anti-probing, which prevents the ICMP response packet from being sent.
Chapter 14 Firewall The following table describes the labels in this screen. Table 59 Security > Firewall > General LABEL DESCRIPTION High This setting blocks all traffic to and from the Internet. Only local network traffic and LAN to WAN service (Telnet, FTP, HTTP, HTTPS, DNS, POP3, SMTP) is permitted. Medium This is the recommended setting. It allows traffic to the Internet but blocks anyone from the Internet from accessing any services on your local network.
Chapter 14 Firewall The following table describes the labels in this screen. Table 60 Security > Firewall > Default Action LABEL DESCRIPTION Packet Direction This is the direction of travel of packets (WAN to LAN, LAN to WAN, WAN to Router, LAN to Router). Firewall rules are grouped based on the direction of travel of packets to which they apply. For example, LAN to Router means packets traveling from a computer/subnet on the LAN to the Device itself.
Chapter 14 Firewall Table 61 Security > Firewall > Rules (continued) LABEL DESCRIPTION Create a new rule after rule number Select an index number and click Add to add a new firewall rule after the selected index number. For example, if you select “6”, your new rule becomes number 7 and the previous rule 7 (if there is one) becomes rule 8. The following read-only fields summarize the rules you have created that apply to traffic traveling in the selected packet direction.
Chapter 14 Firewall Figure 102 Security > Firewall > Rules > Add The following table describes the labels in this screen. Table 62 Security > Firewall > Rules > Add LABEL DESCRIPTION Active Select this option to enable this firewall rule. Action for Matched Packets Use the drop-down list box to select whether to discard (Drop), deny and send an ICMP destination-unreachable message to the sender of (Reject) or allow the passage of (Permit) packets that match this rule.
Chapter 14 Firewall Table 62 Security > Firewall > Rules > Add (continued) LABEL DESCRIPTION Rules/Source Address Address Type Do you want your rule to apply to packets with a particular (single) IP, a range of IP addresses (for instance, 192.168.1.10 to 192.169.1.50), a subnet or any IP address? Select an option from the drop-down list box that includes: Single Address, Range Address, Subnet Address and Any Address.
Chapter 14 Firewall Figure 103 Security > Firewall > Rules: Edit: Edit Customized Services The following table describes the labels in this screen. Table 63 Security > Firewall > Rules: Edit: Edit Customized Services LABEL DESCRIPTION # This is the number of your customized port. Name This is the name of your customized service. Protocol This shows the IP protocol (TCP or UDP) that defines your customized service. Port Type This is the port number or range that defines your customized service.
Chapter 14 Firewall Figure 104 Security > Firewall > Rules: Edit: Edit Customized Services: Add/Edit The following table describes the labels in this screen. Table 64 Security > Firewall > Rules: Edit: Edit Customized Services: Add/Edit LABEL DESCRIPTION Config Service Name Type a unique name for your custom port. Service Type Choose the IP port (TCP or UDP) that defines your customized port from the drop down list box.
Chapter 14 Firewall The following table describes the labels in this screen. Table 65 Security > Firewall > Dos LABEL DESCRIPTION Denial of Services Enable this to protect against DoS attacks. The Device will drop sessions that surpass maximum thresholds. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. Advanced Click this to go to a screen to specify maximum thresholds at which the Device will start dropping sessions. 14.5.
Chapter 14 Firewall 4 Network bandwidth. 5 Type of traffic for certain servers. Reduce the threshold values if your network is slower than average for any of these factors (especially if you have servers that are slow or handle many tasks and are often busy).
Chapter 14 Firewall Table 66 Security > Firewall > DoS > Advanced (continued) LABEL DESCRIPTION OK Click this to save your changes. Cancel Click this to exit this screen without saving. 14.6 Firewall Technical Reference This section provides some technical background information about the topics covered in this chapter. 14.6.1 Firewall Rules Overview Your customized rules take precedence and override the Device’s default settings.
Chapter 14 Firewall • WAN to Router By default the Device stops computers on the WAN from managing the Device. You could configure one of these rules to allow a WAN computer to manage the Device. Note: You also need to configure the remote management settings to allow a WAN computer to manage the Device. You may define additional rules and sets or modify existing ones but please exercise extreme caution in doing so.
Chapter 14 Firewall 1 Does this rule stop LAN users from accessing critical resources on the Internet? For example, if IRC is blocked, are there users that require this service? 2 Is it possible to modify the rule to be more specific? For example, if IRC is blocked for all users, will a rule that blocks just certain users be more effective? 3 Does a rule that allows Internet users access to resources on the LAN create a security vulnerability? For example, if FTP ports (TCP 20, 21) are allowed from th
Chapter 14 Firewall Figure 109 “Triangle Route” Problem WAN LAN 1 ISP 1 2 3 ISP 2 A 14.6.4.2 Solving the “Triangle Route” Problem If you have the Device allow triangle route sessions, traffic from the WAN can go directly to a LAN computer without passing through the Device and its firewall protection. Another solution is to use IP alias. IP alias allows you to partition your network into logical sections over the same Ethernet interface.
C HAPTER 15 Parental Control 15.1 Overview Parental control allows you to block web sites with the specific URL. You can also define time periods and days during which the Device performs parental control on a specific user. 15.2 The Parental Control Screen Use this screen to enable parental control, view the parental control rules and schedules. Click Security > Parental Control to open the following screen. Figure 111 Security > Parental Control The following table describes the fields in this screen.
Chapter 15 Parental Control Table 67 Parental Control > Parental Control (continued) LABEL DESCRIPTION Website Blocked This shows whether the website block is configured. If not, None will be shown. Modify Click the Edit icon to go to the screen where you can edit the rule. Click the Delete icon to delete an existing rule. Add Click Add to create a new schedule. Apply Click Apply to save your changes back to the Device. Cancel Click Cancel to return your last saved settings. 15.2.
Chapter 15 Parental Control The following table describes the fields in this screen. Table 68 Add/Edit Parental Control Rule LABEL DESCRIPTION General Active Select the checkbox to activate this parental control rule. Parental Control Profile Name Enter a descriptive name for the rule. Home Network User Select the LAN user that you want to apply this rule to from the drop-down list box. If you select Custom, enter the LAN user’s MAC address. If you select All, the rule applies to all LAN users.
Chapter 15 Parental Control 158 AMG1312-T10D User’s Guide
C HAPTER 16 Certificates 16.1 Overview The Device can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication. 16.1.1 What You Can Do in this Chapter • Use the Local Certificates screen to view and import the Device’s CA-signed certificates (Section 16.2 on page 161).
Chapter 16 Certificates The Device uses certificates based on public-key cryptology to authenticate users attempting to establish a connection. The method used to secure the data that you send through an established connection depends on the type of connection. For example, a VPN tunnel might use the triple DES encryption algorithm. The certification authority uses its private key to sign certificates. Anyone can then use the certification authority’s public key to verify the certificates.
Chapter 16 Certificates Figure 113 Certificates on Your Computer 3 Double-click the certificate’s icon to open the Certificate window. Click the Details tab and scroll down to the Thumbprint Algorithm and Thumbprint fields. Figure 114 Certificate Details 4 Use a secure method to verify that the certificate owner has the same information in the Thumbprint Algorithm and Thumbprint fields. The secure method may very based on your situation.
Chapter 16 Certificates Figure 115 Security > Certificates > Local Certificates The following table describes the labels in this screen. Table 69 Security > Certificates > Local Certificates LABEL DESCRIPTION WebServer Click Browse... to find the certificate file you want to upload. Current File This field displays the name used to identify this certificate. It is recommended that you give each certificate a unique name.
Chapter 16 Certificates 16.3 Trusted CA Use this screen to view a summary list of certificates of the certification authorities that you have set the Device to accept as trusted. The Device accepts any valid certificate signed by a certification authority on this list as being trustworthy; thus you do not need to import any certificate that is signed by one of these certification authorities. Click Security > Certificates > Trusted CA to open the Trusted CA screen.
Chapter 16 Certificates Figure 117 Trusted CA > Import The following table describes the labels in this screen. Table 71 Security > Certificates > Trusted CA > Import LABEL DESCRIPTION Certificate File Path Type in the location of the file you want to upload in this field or click Browse to find it. Browse Click Browse to find the certificate file you want to upload. Apply Click this to save the certificate on the Device. Cancel Click this to exit this screen without saving. 16.
Chapter 16 Certificates Figure 118 Trusted CA: View The following table describes the labels in this screen. Table 72 Trusted CA: View LABEL DESCRIPTION Certificate Name This field displays the identifying name of this certificate. If you want to change the name, type up to 31 characters to identify this key certificate. You may use any character (not including spaces). Certificate Detail This read-only text box displays the certificate or certification request in Privacy Enhanced Mail (PEM) format.
Chapter 16 Certificates 166 AMG1312-T10D User’s Guide
C HAPTER 17 System Monitor 17.1 Overview Use the Traffic Status screens to view status and log information. 17.1.1 What You Can Do in this Chapter • Use the Log screen to see the system logs for the categories that you select (Section 17.2 on page 168). • Use the WAN Traffic Status screen to view the WAN traffic statistics (Section 17.3 on page 169). • Use the LAN Traffic Status screen to view the LAN traffic statistics (Section 17.4 on page 169).
Chapter 17 System Monitor Table 73 Syslog Severity Levels (continued) CODE SEVERITY 3 Error: There is an error condition on the system. 4 Warning: There is a warning condition on the system. 5 Notice: There is a normal but significant condition on the system. 6 Informational: The syslog contains an informational message. 7 Debug: The message is intended for debug-level purposes. 17.2 The Log Screen Click System Monitor > Log to open the Log screen.
Chapter 17 System Monitor 17.3 The WAN Traffic Status Screen Click System Monitor > Traffic Status to open the WAN Traffic Status screen. You can view the WAN traffic statistics in this screen. Figure 120 System Monitor > Traffic Status > WAN The following table describes the fields in this screen. Table 75 System Monitor > Traffic Status > WAN LABEL DESCRIPTION Status This shows the number of bytes sent and received through the WAN interface of the Device.
Chapter 17 System Monitor Figure 121 System Monitor > Traffic Status > LAN The following table describes the fields in this screen. Table 76 System Monitor > Traffic Status > LAN LABEL DESCRIPTION Refresh Interval Specify how often you want the Device to update this screen and click Set Interval to apply the change. Click Stop to halt updating of the screen. Interface This shows the LAN or WLAN interface. Bytes Sent This indicates the number of bytes transmitted on this interface.
Chapter 17 System Monitor Figure 122 System Monitor > Traffic Status > NAT The following table describes the fields in this screen. Table 77 System Monitor > Traffic Status > NAT LABEL DESCRIPTION Refresh Interval Specify how often you want the Device to update this screen and click Set Interval to apply the change. Click Stop to halt updating of the screen. Device Name This shows the name of the client. IP Address This shows the IP address of the client.
Chapter 17 System Monitor 172 AMG1312-T10D User’s Guide
C HAPTER 18 User Account 18.1 Overview You can configure the system password in the User Account screen. 18.2 The User Account Screen Use the User Account screen to configure system password. Click Maintenance > User Account to open the following screen. Figure 123 Maintenance > User Account The following table describes the labels in this screen. Table 78 Maintenance > User Account LABEL DESCRIPTION User Name You can configure the password for the admin account.
Chapter 18 User Account 174 AMG1312-T10D User’s Guide
C HAPTER 19 TR-069 Client 19.1 Overview This chapter explains how to configure the Device’s TR-069 auto-configuration settings. 19.2 The TR-069 Client Screen TR-069 defines how Customer Premise Equipment (CPE), for example your Device, can be managed over the WAN by an Auto Configuration Server (ACS). TR-069 is based on sending Remote Procedure Calls (RPCs) between an ACS and a client device. RPCs are sent in Extensible Markup Language (XML) format over HTTP or HTTPS.
Chapter 19 TR-069 Client The following table describes the fields in this screen. Table 79 Maintenance > TR-069 Client 176 LABEL DESCRIPTION CWMP Select Enable to allow the Device to be managed by a management server. Otherwise, select Disable to not allow the Device to be managed by a management server. ACS URL Enter the URL or IP address of the auto-configuration server. ACS User Name Enter the TR-069 user name for authentication with the auto-configuration server.
C HAPTER 20 System 20.1 Overview You can configure system settings, including the host name, domain name and the inactivity timeout interval in the System screen. 20.2 The System Screen Use the System screen to configure the system’s inactivity time-out interval. Click Maintenance > System to open the following screen. Figure 125 Maintenance > System The following table describes the labels in this screen.
Chapter 20 System 178 AMG1312-T10D User’s Guide
C HAPTER 21 Time Setting 21.1 Overview You can configure the system’s time and date in the Time Setting screen. 21.2 The Time Setting Screen To change your Device’s time and date, click Maintenance > Time. The screen appears as shown. Use this screen to configure the Device’s time based on your local time zone. Figure 126 Maintenance > Time Setting The following table describes the fields in this screen.
Chapter 21 Time Setting Table 81 Maintenance > System > Time Setting (continued) LABEL DESCRIPTION Get from Time Server Select this to have the Device get the time automatically from a time server. Time Server Address 1, 2 Enter the IP address or URL (up to 31 extended ASCII characters in length) of your time server. Check with your ISP/network administrator if you are unsure of this information. Time Zone Choose the time zone of your location.
C HAPTER 22 Log Setting 22.1 Overview You can configure where the Device sends logs and which logs and/or immediate alerts the Device records in the Log Setting screen. 22.2 The Log Setting Screen To change your Device’s log settings, click Maintenance > Log Setting. The screen appears as shown.
Chapter 22 Log Setting Figure 127 Maintenance > Log Setting The following table describes the fields in this screen. Table 82 Maintenance > Log Setting LABEL DESCRIPTION Syslog Setting Syslog Logging Select the Active check box to enable syslog logging. Mode Select Local File to have the Device save the log file locally. Select Local File and Remote to have the Device save the log file locally and send it to an external syslog server.
Chapter 22 Log Setting Table 82 Maintenance > Log Setting (continued) LABEL DESCRIPTION E-mail Log Settings SMTP Authentication SMTP (Simple Mail Transfer Protocol) is the message-exchange standard for the Internet. SMTP enables you to move messages from one E-mail server to another. Select the check box to activate SMTP authentication. If mail server authentication is needed but this feature is disabled, you will not receive the E-mail logs.
Chapter 22 Log Setting 184 AMG1312-T10D User’s Guide
C HAPTER 23 Firmware Upgrade 23.1 Overview This chapter explains how to upload new firmware to your Device. You can download new firmware releases from your nearest ZyXEL FTP site (or www.zyxel.com) to use to upgrade your device’s performance. Only use firmware for your device’s specific model. Refer to the label on the bottom of your Device. 23.2 The Firmware Upgrade Screen Click Maintenance > Firmware Upgrade to open the following screen.
Chapter 23 Firmware Upgrade After you see the firmware updating screen, wait a few minutes before logging into the Device again. Figure 129 Firmware Uploading The Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 130 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen.
C HAPTER 24 Backup/Restore 24.1 Overview The Backup/Restore screen allows you to backup and restore device configurations. You can also reset your device settings back to the factory default. 24.2 The Backup/Restore Screen Click Maintenance > Backup/Restore. Information related to factory defaults, backup configuration, and restoring configuration appears in this screen, as shown next.
Chapter 24 Backup/Restore Restore Configuration Restore Configuration allows you to upload a new or previously saved configuration file from your computer to your Device. Table 84 Restore Configuration LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ... to find it. Browse... Click this to find the file you want to upload. Remember that you must decompress compressed (.ZIP) files before you can upload them.
Chapter 24 Backup/Restore Figure 135 Reset In Process Message You can also press the RESET button on the back panel to reset the factory defaults of your Device. Refer to Section 1.6 on page 16 for more information on the RESET button. 24.3 The Reboot Screen System restart allows you to reboot the Device remotely without turning the power off. You may need to do this if the Device hangs, for example. Click Maintenance > Reboot. Click the Reboot button to have the Device reboot.
Chapter 24 Backup/Restore 190 AMG1312-T10D User’s Guide
C HAPTER 25 Remote Management 25.1 Overview Remote management allows you to determine which services/protocols can access which Device interface (if any) from which computers. The following figure shows remote management of the Device coming in from the WAN. Figure 136 Remote Management From the WAN LAN WAN HTTP Telnet Note: When you configure remote management to allow management from the WAN, you still need to configure a IP filter rule to allow access.
Chapter 25 Remote Management • Your Device can act as an SNMP agent, which allows a manager station to manage and monitor the Device through the network. Use the SNMP screen (see Section 25.5 on page 195) to configure through which interfaces and from which IP addresses users can use SNMP to access the Device. • Use the DNS screen (Section 25.6 on page 198) to configure through which interfaces and from which IP addresses users can send DNS queries to the Device. • Use the ICMP screen (Section 25.
Chapter 25 Remote Management Figure 137 Maintenance > Remote MGMT > WWW The following table describes the labels in this screen. Table 85 Maintenance > Remote MGMT > WWW LABEL DESCRIPTION Server Port This displays the service port number for accessing the Device using HTTP or HTTPS. If the number is grayed out, it is not editable. Server Access Select the interfaces through which a computer may access the Device using this service.
Chapter 25 Remote Management 25.3 Telnet Screen You can use Telnet to access the Device’s command line interface. Specify which interfaces allow Telnet access and from which IP address the access can come. Click Maintenance > Remote MGMT > Telnet tab to display the screen as shown. Figure 138 Maintenance > Remote MGMT > Telnet The following table describes the labels in this screen.
Chapter 25 Remote Management Use this screen to specify which interfaces allow FTP access and from which IP address the access can come. To change your Device’s FTP settings, click Maintenance > Remote MGMT > FTP. The screen appears as shown. Figure 139 Maintenance > Remote MGMT > FTP The following table describes the labels in this screen. Table 87 Maintenance > Remote MGMT > FTP LABEL DESCRIPTION Server Port This displays the service port number for accessing the Device.
Chapter 25 Remote Management Figure 140 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the Device). An agent translates the local management information from the managed device into a form compatible with SNMP. The manager is the console through which network administrators perform network management functions.
Chapter 25 Remote Management Figure 141 Maintenance > Remote MGMT > SNMP The following table describes the labels in this screen. Table 88 Maintenance > Remote MGMT > SNMP LABEL DESCRIPTION Server Port This displays the port the SNMP agent listens on. If the number is grayed out, it is not editable. Server Access Select the interfaces through which a computer may access the Device using this service.
Chapter 25 Remote Management Table 88 Maintenance > Remote MGMT > SNMP (continued) LABEL DESCRIPTION Apply Click Apply to save your changes back to the Device. Cancel Click Cancel to begin configuring this screen afresh. 25.6 DNS Screen Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa. Use this screen to set from which IP address the Device will accept DNS queries and on which interface it can send them your Device’s DNS settings.
Chapter 25 Remote Management 25.7 ICMP Screen To change your Device’s security settings, click Maintenance > Remote MGMT > ICMP. The screen appears as shown. If an outside user attempts to probe an unsupported port on your Device, an ICMP response packet is automatically returned. This allows the outside user to know the Device exists. Your Device supports anti-probing, which prevents the ICMP response packet from being sent.
Chapter 25 Remote Management Click Maintenance > Remote MGMT > SSH tab to display the screen as shown. Figure 144 Maintenance > Remote MGMT > SSH The following table describes the labels in this screen. Table 91 Maintenance > Remote MGMT > SSH LABEL DESCRIPTION Server Port This displays the service port number for accessing the Device. If the number is grayed out, it is not editable. Server Access Select the interfaces through which a computer may access the Device using this service.
Chapter 25 Remote Management 2 A window displays prompting you to store the host key in your computer. Click Yes to continue. 3 Enter your user name and password. 4 The command line interface displays.
Chapter 25 Remote Management 202 AMG1312-T10D User’s Guide
C HAPTER 26 Diagnostic 26.1 Overview You can use different diagnostic methods to test a connection and see the detailed information. These read-only screens display information to help you identify problems with the Device. 26.1.1 What You Can Do in the Diagnostic Screens • Use the Ping screen (Section 26.2 on page 203) to ping an IP address. • Use the DSL Line screen (Section 26.3 on page 204) to view the DSL line statistics and reset the ADSL line. 26.
Chapter 26 Diagnostic Table 92 Maintenance > Diagnostic > Ping (continued) LABEL DESCRIPTION TracerouteV6 Click this to show the path that packets take from the system to the IPv6 address that you entered. TraceRouteV4 Click this button to perform the traceroute function. This determines the path a packet takes to the specified host. 26.3 The DSL Line Screen Use this screen to view the DSL line statistics and reset the DSL line. Click Maintenance > Diagnostic > DSL Line.
Chapter 26 Diagnostic The following table describes the fields in this screen. Table 93 Maintenance > Diagnostic > DSL Line LABEL DESCRIPTION ATM Status Click this to view your DSL connection’s Asynchronous Transfer Mode (ATM) statistics. ATM is a networking technology that provides high-speed data transfer. ATM uses fixedsize packets of information called cells. With ATM, a high QoS (Quality of Service) can be guaranteed. The (Segmentation and Reassembly) SAR driver translates packets into ATM cells.
Chapter 26 Diagnostic 206 AMG1312-T10D User’s Guide
C HAPTER 27 Troubleshooting 27.1 Overview This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • Device Access and Login • Internet Access • Wireless Internet Access • USB Device Connection • UPnP 27.2 Power, Hardware Connections, and LEDs The Device does not turn on. None of the LEDs turn on. 1 Make sure the Device is turned on.
Chapter 27 Troubleshooting 4 Turn the Device off and on. 5 If the problem continues, contact the vendor. 27.3 Device Access and Login I forgot the IP address for the Device. 1 The default IP address is 192.168.1.1. 2 If you changed the IP address and have forgotten it, you might get the IP address of the Device by looking up the IP address of the default gateway for your computer. To do this in most Windows computers, click Start > Run, enter cmd, and then enter ipconfig.
Chapter 27 Troubleshooting 4 Reset the device to its factory defaults, and try to access the Device with the default IP address. See Section 1.6 on page 16. 5 If the problem continues, contact the network administrator or vendor, or try one of the advanced suggestions. Advanced Suggestions • Try to access the Device using another service, such as Telnet. If you can access the Device, check the remote management settings and firewall rules to find out why the Device does not respond to HTTP.
Chapter 27 Troubleshooting 1 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide and Section 1.7 on page 16. 2 Make sure you entered your ISP account information correctly. These fields are case-sensitive, so make sure [Caps Lock] is not on. 3 If you are trying to access the Internet wirelessly, make sure the wireless settings in the wireless client are the same as the settings in the AP.
Chapter 27 Troubleshooting 27.5 Wireless Internet Access What factors may cause intermittent or unstabled wireless connection? How can I solve this problem? The following factors may cause interference: • Obstacles: walls, ceilings, furniture, and so on. • Building Materials: metal doors, aluminum studs. • Electrical devices: microwaves, monitors, electric motors, cordless phones, and other wireless devices.
Chapter 27 Troubleshooting 27.6 USB Device Connection The Device fails to detect my USB device. 1 Disconnect the USB device. 2 Reboot the Device. 3 If you are connecting a USB hard drive that comes with an external power supply, make sure it is connected to an appropriate power source that is on. 4 Re-connect your USB device to the Device. 27.7 UPnP When using UPnP and the Device reboots, my computer cannot detect UPnP and refresh My Network Places > Local Network.
A PPENDIX A Legal Information Copyright Copyright © 2014 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
Appendix A Legal Information Viewing Certifications Go to http://www.zyxel.com to view this product’s documentation and certifications. ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in material or workmanship for a specific period (the Warranty Period) from the date of purchase. The Warranty Period varies by region.
Appendix A Legal Information [Polish] Niniejszym ZyXEL oświadcza, że sprzęt jest zgodny z zasadniczymi wymogami oraz pozostałymi stosownymi postanowieniami Dyrektywy 1999/5/EC. [Portuguese] ZyXEL declara que este equipamento está conforme com os requisitos essenciais e outras disposições da Directiva 1999/5/EC. [Slovenian] ZyXEL izjavlja, da je ta oprema v skladu z bistvenimi zahtevami in ostalimi relevantnimi določili direktive 1999/5/EC.
Appendix A Legal Information Indoor (No restrictions) 2.4 – 2.4835 100mW (20dBm) Outdoor 2.4 – 2.454 100mW (20dBm) 2.454 – 2.4835 10mW (10dBm) Italy This product meets the National Radio Interface and the requirements specified in the National Frequency Allocation Table for Italy. Unless this wireless LAN product is operating within the boundaries of the owner's property, its use requires a “general authorization.” Please check http://www.sviluppoeconomico.gov.it/ for more details.
Appendix A Legal Information • • • Do not use this product near water for example, near a bathtub, washbowl, kitchen sink or laundry tub, in a wet basement or near a swimming pool. Avoid using a telephone (other than a cordless type) during an electrical storm. There may be a remote risk of electric shock from lightning. Do not use the telephone to report a gas leak in the vicinity of the leak. Your product is marked with this symbol, which is known as the WEEE mark.
Appendix A Legal Information Environmental Product Declaration 218 AMG1312-T10D User’s Guide
Index Index A ACS 175 activation port binding 126 SSID 59 wireless LAN scheduling 66 administrator password 19 anti-probing 141 Asynchronous Transfer Mode, see ATM ATM 205 MBS 40, 45 PCR 40, 45 QoS 39, 45 SCR 40, 45 status 205 factory default 162 certificates 159 CA 159 replacing 162 storage space 162 thumbprint algorithms 161 thumbprints 161 trusted CAs 163 verifying fingerprints 160 Certification Authority, see CA certifications 213 notices 213 viewing 214 channel scan 55 channel, wireless LAN 52 CLI 13
Index Denials of Service, see DoS DSL connections, status 205 firewalls 139 actions 145 address types 146 anti-probing 141 customized services 146, 148 DDoS 140 default action 143 DoS 140 thresholds 141, 149 ICMP 141 LAND attack 140 logs 145 P2P 150 packet direction 143 Ping of Death 140 rules 151 security 152 SYN attack 140 three-way handshake 149 triangle route 153 solutions 154 dynamic DNS 131 firmware 185 Dynamic Host Configuration Protocol, see DHCP fragmentation threshold 68, 69 DYNDNS wildcar
Index Windows XP 94 Internet wizard setup 25 M MAC 29, 30 Internet access wizard setup 25 MAC address 62, 80 filter 61 Internet Assigned Numbers Authority See IANA MAC authentication 61 Internet Control Message Protocol, see ICMP Internet Group Management Protocol, see IGMP IP address 29, 32, 44, 50, 91 default 19 IP alias 81 configuration 81 IP pool 79 IP pool setup 91 IP precedence 112 configuration 112 IP/MAC filter 133, 135 configuration 134, 135 Management Information Base (MIB) 196 Maximum Bur
Index passwords 19 restart 189 PCR 40, 45 restoring configuration 188 Peak Cell Rate, see PCR RFC 1483 36, 42, 49 PHB 116 RFC 1631 117 Ping of Death 140 RFC 3164 167 port binding 125 activation 126 summary screen 126 RIP 39 ports 17 RTS threshold 69 Routing Information Protocol, see RIP RPPCs 175 PPPoA 36, 42, 49 PPPoE 36, 42, 49 preamble 68, 69 Printer Server 89 printer sharing and LAN 90 requirements 90 probing, firewalls 141 product registration 214 push button 15 S scan 55 scheduling wi
Index subnet mask 91 VBR-RT 39, 45 Sustain Cell Rate, see SCR VCI 36, 43, 50 SYN attack 140 version firmware version 29 syslog protocol 167 severity levels 167 system firmware 185 passwords 19 reset 16 status 27 System Info 28 system name 28 T three-way handshake 149 thresholds data fragment 68, 69 DoS 141, 149 P2P 150 RTS/CTS 69 TR-069 13, 175 ACS setup 175 trademarks 213 triangle route 153 solutions 154 trusted CAs, and certificates 163 Virtual Channel Identifier, see VCI Virtual Path Identifier,
Index limitations 71 MAC address filter 61 MBSSID 72 preamble 68, 69 RADIUS server 70 RTS/CTS threshold 69 scheduling 66 security 69 SSID 70 activation 59 WDS 64, 72 compatibility 64 example 73 WEP 71 WPA 71 WPA-PSK 71 WPS push button 15 wireless network example 51 wizard setup Internet 25 WLAN 51 auto-scan channel 55 scheduling 66 see also wireless.